Security Engineer, Identity Management

Job Summary 

For this role, we are looking for a curious and innovative Security Engineer with a passion for information security, customer service, and compliance. You will be responsible for guiding security best practices while following security frameworks such as NIST, and SOC2. You will be leading the security programs to ensure minimal risk exposure. At IGS, we take a risk-based approach to our decisions and utilize industry best practices and security frameworks to guide us along the way. We are looking for someone that is good at understanding and solving complex and ambiguous problems and constantly seek improvement. 

Primary Responsibilities 

• Architect and manage Azure Entra infrastructure, including tenant design, hybrid identity configurations, and conditional access policies. 

• Maintain and optimize Active Directory environments, including domain controllers, group policies, organizational units, and security hardening. 

• Design and implement Active Directory Federation Services (ADFS) and manage complex federation trusts between internal and external identity providers. 

• Plan and execute domain trust relationships, including forest trusts, external trusts, and realm trusts across complex enterprise environments. 

• Lead identity platform through organizational transitions, including tenant-to-tenant migrations, directory consolidations, and identity lifecycle transitions. 

• Manage multi-tenant Microsoft 365 migrations, ensuring secure data transfer and seamless user transitions during organizational changes. 

• Develop and maintain disaster recovery and business continuity plans for identity infrastructure. 

• Implement identity security best practices, including privileged access management, MFA enforcement, and identity protection policies. 

• Monitor identity infrastructure health, performance, and security posture, responding to incidents and anomalies. 

• Collaborate with business stakeholders during organizational transitions to ensure smooth identity transitions with minimal business impact. 

Other Responsibilities  

• Work closely with IT and other departments to ensure security measures are integrated into all aspects of the organization's technology and operations.  

• Apply knowledge of information security principles and practices.   

• Ability to think strategically but willingness to handle, first-hand, the mechanics of technology services required by the business.  

• Other duties and responsibilities as assigned.  

Required Skills  

• Proven experience managing complex Microsoft 365 environments, particularly multi-tenant migrations and consolidations. 

• Strong understanding of Active Directory Federation Services, domain trusts, and forest architectures. 

• Hands-on experience with Azure Entra, including conditional access, privileged identity management, and hybrid identity configurations. 

• Solid understanding of authentication protocols (SAML, OAuth 2.0, OpenID Connect, Kerberos, LDAP). 

• Exceptional organizational skills, follow through, and multitasking abilities.    

• Decisiveness, good judgment, analytical aptitude, and problem-solving skills to act with authority and take risks in an environment with little direction from others.    

• Excellent communicator with strong organizational savvy and leadership skills necessary to interface with and influence all levels of organization.   

• Ability to work in a fast-paced and dynamic environment.  

Minimum Education and Experience  

• Minimum of 5 years of technical experience, with at least 3 years of security focus. 

• Demonstrated knowledge of, and experience in implementing security technologies and processes.  

• Professional certifications within security-related areas, while not a minimum requirement, would be highly desirable.  

#LI-AM1